The community forum

Join the conversation

Security concern

 Not sure if there are others who have faced this, and if there is a workaround, or an app to address below:

1. Even when the phone is locked, one can access the notification drawer, one can turn on/ off data, wifi etc.

2. The power key is usable to power off or restart the phone

This is a basic security issue as in the wrong hands they will perform above functions, and critical services like ‘Find my device’ won’t work. There are other obvious loopholes with above access


4 people have this question

Community Hero

That's a very good spot, I didn't realise that you could do that. On my previous phones it wasn't possible to change these settings without unlocking the phone.

Meanwhile, I also found an easy way to avoid the security exposure from the notification drawer

Once you have unlocked the phone, click the Edit icon (beside the Settings icon) Move all the critical tiles so that they do not show up in the locked screen. These could include Mobile Data, Wifi, Location etc.

For rendering the power button unusable to power-off or restart the phone when locked, I'm using the Playstore app anti-Theft Security

These issues are nothing new, and "Find My Device" has and will always been blockable, and far from guaranteed functionality. It can still be blocked with a Faraday bag, and I don't think anything will be able to prevent a hard boot to disable miscellaneous security apps (I could be wrong about that and have not examined the above app in detail, but my initial view of the majority of Android security apps is that they are snake oil and/or adware).

I don't think this is a "Security concern" though...

Messing up with the connectivity etc does not expose your data or privacy in any way. Meaning no one can add, see or edit anything personal on the phone if it is locked and with an account.

Ritzar

The concern here is that if the locked phone were to land in wrong hands, then they'd shut off data etc. to stop tracking. And would also power it off 

I found that with my suggestions above, you could reduce a lot of fiddling. But the mischief maker will still use the hard boot option with Vol-UP & Power key

Yet, measures mentioned above will reduce the options for foulplay

I agree that the device can be switched off, or off network. If you do a button reset, currently the phone will ask you for the previously used account and password.
If this was that much of a security concern then it would affect all devices running Android and would have been dealt with by Google a long time ago. Tracking a phone doesn't just rely on the phone network and anyone looking to steal your phone can stop it from being tracked by turning it off anyway.
Login to post a comment